Viruses & malware


If your computer is connected to the internet, it’s fairly obvious you need to have active protection against viruses & malware or other threats that might come your way.

Threats might be viruses, worms, ransomware etc. and are generally known as malware. Protection comes in the form of antivirus or antimalware software, which broadly consists of two main parts.

  • The software itself. This is designed to detect, prevent and take action to disarm or remove malicious software.
  • The definitions. These contain signatures for malware that has been encountered. Using definitions is one of the methods the software uses to tell whether something is in fact malicious software. Note: modern antimalware software invariably uses several methods of detecting malicious software.
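
How definitions work in practice, as an added example that is not taken from any antimalware product: a tiny definitions set holding an exact file hash and a byte pattern for the same family, run over constructed, harmless sample bytes. All names and sample data are made up for illustration.

```python
import hashlib

# Constructed, harmless stand-ins for file contents (not real malware).
SAMPLE_ORIGINAL = b"MZ....DEMO-PAYLOAD-7f3a....rest of file"
SAMPLE_VARIANT = SAMPLE_ORIGINAL + b"\x00"      # same file with one byte appended
SAMPLE_CLEAN = b"MZ....an ordinary program...."

# A miniature "definitions" set with two kinds of signature for one family.
DEFINITIONS = {
    # exact match on the SHA-256 of the whole file
    "hashes": {hashlib.sha256(SAMPLE_ORIGINAL).hexdigest(): "Demo.Family.A"},
    # match on a byte sequence found anywhere inside the file
    "patterns": {b"DEMO-PAYLOAD-7f3a": "Demo.Family.A (generic)"},
}

def scan(data, definitions):
    """Return (detection_name, method), or (None, None) if nothing matched."""
    digest = hashlib.sha256(data).hexdigest()
    if digest in definitions["hashes"]:
        return definitions["hashes"][digest], "hash"
    for pattern, name in definitions["patterns"].items():
        if pattern in data:
            return name, "pattern"
    return None, None

if __name__ == "__main__":
    for label, data in [("original", SAMPLE_ORIGINAL),
                        ("variant", SAMPLE_VARIANT),
                        ("clean", SAMPLE_CLEAN)]:
        print(label, scan(data, DEFINITIONS))
```

The variant no longer matches the exact hash and is only caught by the byte pattern, which is one reason definitions are combined with other detection methods.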

Antivirus software companies estimate over 500,000 new malware threats are released per day. Computers can be at risk from infection by (for example):

  • Running a program which is or contains malware.
  • Opening documents.
  • Simply opening or previewing an email message.
  • Being connected to a computer which is infected by malware.

There is no algorithm that can perfectly detect all possible viruses.

Use caution when using a computer on the internet

The first line of defence against being attacked or infected by malware is you. No matter how much protection you have by installing antimalware software, it does not give you a licence to use your computer in an unsafe manner. As a general set of rules:

Stay awake

Remember at all times that the internet is not a safe place. There are literally millions of people out there whose intent is to get you. Whether it is by infecting your computer with a virus just because they can; hijacking your passwords and hacking your Facebook; putting ransomware on your computer which encrypts all your data and asks you to pay in order to decrypt it etc. You must constantly be vigilant in order to thwart their attempts.

Look for the padlock

Be cautious of websites that do not use server certificates. Nearly all legitimate websites use certificates so that the traffic between your computer and the site is encrypted. This is usually displayed as a padlock in the address bar of your browser. You can click on the padlock to get more information about the server and the certificate. Modern browsers display a warning page instead of the requested page if there is something wrong with the certificate. If you receive such a warning page, you should not proceed to the site. The fact that a web page displays a padlock does not necessarily mean the contents of the site are safe.

Use strong passwords

Use strong passwords and enable two-factor authentication where possible to block phishing attacks, stolen credentials, or other login compromises.

Watch that free stuff

Be very careful when you download free software, music, games etc. from the internet. That is not to say that all free software is bad. On the contrary, there are many free software packages that are excellent. Malicious software often comes packaged with free software so you should remember that it’s risky to download free software.

Monitor your kids

While we are on that subject, monitor your children’s activity on the internet. Apart from the obvious threat from grooming, children have a habit of downloading and installing free stuff they find on the internet and as mentioned above, not everything that is free is good. We have attended many households where a new computer is installed and within weeks the owner is complaining of poor performance or other problems and we arrive to find the computer festooned with malicious software because of the children’s internet activity.

Update your software

Make sure all installed software and operating systems are kept updated. This helps to prevent vulnerabilities from being exploited by attackers.

Check your inbox

Be wary when using your email package. As previously mentioned, opening or even simply previewing an email message could put you at risk. A golden rule is not to open email messages from people you don’t know and certainly never to click on any attachments to them; you should delete the message and any attachments. If the message is important and benign and you do not respond, the sender will most likely resend it. Even if an email is sent by someone you know, it doesn’t mean the email is safe. Someone who has contacted you before may have been infected, and one of the first things malicious software is likely to do is to interrogate the infected computer’s contact list and email everyone on it with a copy of the infection.

Use your junk mail folder

Periodically open it and, without previewing the messages, look down the list of senders and their subject lines and delete all that come from unknown senders or are obviously junk mail. That will get rid of most of the contents of your junk mail. Any that remain can probably be cautiously previewed.

Check all devices

Make sure all your connected computers have adequate protection. Once one computer is infected, it is highly likely the infection will spread to others.

No porn

It probably goes without saying but do not browse or click on links that take you to sites that claim to offer pornographic images. These sites are frequently found to be a source of malicious software.

Remote desktop is a risk

Publicly exposed remote desktop servers are a common way for attackers to first gain access to a network. Preferably disable them and if they must be enabled, you should monitor connections closely and audit logs for all remote connection protocols.

Monitor user accounts

Audit the creation of new accounts and do not use an administrator account for routine use of the computer.

Check the administrators group

Monitor changes to membership of the administrators group(s) for unauthorised users.
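
The three audit checks above (remote desktop logons, new accounts, administrators group changes) as one added example, not part of the original article. It reviews constructed Windows Security log records, flattened to the fields it needs; the allow-list of administrator SIDs and the trusted network are assumptions you would replace with your own.

```python
import ipaddress

ADMINS_GROUP_SID = "S-1-5-32-544"   # well-known SID of BUILTIN\Administrators
APPROVED_ADMIN_SIDS = {"S-1-5-21-1111-2222-3333-1001"}    # constructed allow-list
TRUSTED_NETS = [ipaddress.ip_network("192.168.1.0/24")]   # constructed: the local LAN

# Constructed Security-log records, flattened to the fields used below.
EVENTS = [
    {"EventID": 4720, "TimeCreated": "2024-05-01T02:14:07",
     "SubjectUserName": "alice", "TargetUserName": "helpdesk2"},
    {"EventID": 4732, "TimeCreated": "2024-05-01T02:14:31", "SubjectUserName": "alice",
     "TargetSid": ADMINS_GROUP_SID, "MemberSid": "S-1-5-21-1111-2222-3333-1007"},
    {"EventID": 4732, "TimeCreated": "2024-05-02T09:00:00", "SubjectUserName": "alice",
     "TargetSid": ADMINS_GROUP_SID, "MemberSid": "S-1-5-21-1111-2222-3333-1001"},
    {"EventID": 4624, "TimeCreated": "2024-05-02T03:40:12", "LogonType": 10,
     "TargetUserName": "helpdesk2", "IpAddress": "203.0.113.50"},
    {"EventID": 4624, "TimeCreated": "2024-05-02T08:55:00", "LogonType": 10,
     "TargetUserName": "alice", "IpAddress": "192.168.1.20"},
    {"EventID": 4624, "TimeCreated": "2024-05-02T08:56:00", "LogonType": 2,
     "TargetUserName": "alice", "IpAddress": "-"},
]

def review(events):
    """Return (time, rule, detail) for every event that needs a human look."""
    findings = []
    for ev in events:
        eid, when = ev["EventID"], ev["TimeCreated"]
        if eid == 4720:      # a user account was created
            findings.append((when, "account-created",
                             f"{ev['TargetUserName']} by {ev['SubjectUserName']}"))
        elif eid == 4732 and ev["TargetSid"] == ADMINS_GROUP_SID:
            # a member was added to the local Administrators group
            if ev["MemberSid"] not in APPROVED_ADMIN_SIDS:
                findings.append((when, "unapproved-admin", ev["MemberSid"]))
        elif eid == 4624 and int(ev["LogonType"]) == 10:
            # LogonType 10 = RemoteInteractive, i.e. a Remote Desktop logon
            source = ipaddress.ip_address(ev["IpAddress"])
            if not any(source in net for net in TRUSTED_NETS):
                findings.append((when, "rdp-from-untrusted",
                                 f"{ev['TargetUserName']} from {source}"))
    return findings

if __name__ == "__main__":
    for finding in review(EVENTS):
        print(*finding, sep="  ")
```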

Scan your ports

Scan for open or listening ports on the network and block them from being accessible.
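
One way to review listening ports on a single Windows computer, as an added example that is not part of the original article: it reads the output of `netstat -ano` (the sample below is constructed) and lists TCP listeners that other machines can reach. The port labels are an illustrative selection.

```python
LOOPBACK = {"127.0.0.1", "[::1]"}    # listeners only this computer can reach
REMOTE_ACCESS_PORTS = {3389: "Remote Desktop", 22: "SSH", 5900: "VNC"}

# Constructed sample in the layout printed by `netstat -ano` on Windows.
NETSTAT_SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1052
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1200
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       3120
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:49712     198.51.100.7:443       ESTABLISHED     5500
  TCP    [::]:445               [::]:0                 LISTENING       4
"""

def exposed_listeners(netstat_text):
    """Return [(address, port, pid, note)] for TCP listeners reachable from the network."""
    results = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Keep only "TCP <local> <foreign> LISTENING <pid>" rows.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        # rpartition keeps IPv6 forms such as "[::]:445" intact.
        address, _, port = fields[1].rpartition(":")
        if address in LOOPBACK:
            continue
        port = int(port)
        results.append((address, port, int(fields[4]),
                        REMOTE_ACCESS_PORTS.get(port, "")))
    return results

if __name__ == "__main__":
    for address, port, pid, note in exposed_listeners(NETSTAT_SAMPLE):
        print(f"{address}:{port}  pid={pid}  {note}")
```

Each listed PID can be matched to a program in Task Manager; anything that does not need to be reachable should be switched off or blocked at the firewall.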

Backup your computer

Ensure you are backing up your computer(s) regularly and the backups are in a secure location.

Backup and disaster recovery

There is absolutely no substitute for a good disaster recovery plan. You should get reliable backup software, configure it, use it and most importantly test it regularly. In our view, it is more important than installing antimalware software as it not only gives you protection against viruses etc. but also against burglary, fire etc. For more information, see our article on backups.

Antimalware software

Windows 10 comes packaged with antimalware software called Microsoft Security Essentials. It is preconfigured and set to start running as soon as your computer starts and to update itself automatically with Windows update. It may not be the best protection in the world but it does a fairly good job.

Windows 7 was a much-loved operating system and both Windows 8 and Windows 8.1 had mixed reviews. They were like Marmite: you either loved it or hated it. Like so many other things, these operating systems have become obsolete, so you will no longer be able to get security or software updates for them or, in fact, technical support from Microsoft. This makes an upgrade an absolutely essential task for the safety of your PC. If you need help upgrading your operating system to the latest and best, contact us for details of our support services.

Installing antivirus software

Many people decide to add an additional layer of protection by installing a third-party antimalware package. There are many to choose from, such as those offered by Malwarebytes, Avast, McAfee, Kaspersky, Trend Micro and AVG. This list is in no particular order of preference and is not exhaustive. All of the software vendors mentioned have been in the business for many years and may offer a free version of their software.

If you decide to go with the free version, you will possibly be pestered by nag screens that tell you that you have problems with your computer or you are better off upgrading to their paid version which is usually offered on an annual subscription. Generally, we suggest you opt for the paid version which in addition to the free version offers enhanced protection against ransomware attacks etc.

Test your antivirus

Some packages may run happily alongside Microsoft Security Essentials whereas others may take over the protection of your computer from it completely. Note you should not install more than one third-party antimalware package as running multiple antivirus programs concurrently can degrade performance and create conflicts.

Should you be in the unhappy position of your PC being infected with malware, and assuming the malware is allowing you to connect to the internet, you can try running an online virus scanner such as Trend Micro’s HouseCall. If you are not able to access the internet, you should use a different computer to download the Emsisoft Emergency Kit to a USB device, then try running the “Start Emergency Kit Scanner” program on the infected computer.

Perform manual scans

You should open your antimalware software occasionally and perform a manual scan of your computer to double check you have no malicious software on it.

If your antivirus program has stopped working, you have a virus or other malicious software on your computer, you need help upgrading to Windows 10 or you have any other problems with your computer, you can always contact us for details of our support services.